CVE-2021-23437

Summary

The package pillow 5.2.0 and before 8.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the getrgb function.

Affected Software

VendorProductVersion RangeStatus
n/aPillow0 < unspecifiedaffected
n/aPillowunspecified < 8.3.2affected

Weaknesses

  • Regular Expression Denial of Service (ReDoS)

ADP Enrichment

CVE Program Container

Additional References

References